From patchwork Sun Oct 22 18:22:06 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dimitri John Ledkov X-Patchwork-Id: 13432041 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id A2085CDB474 for ; Sun, 22 Oct 2023 18:22:53 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232462AbjJVSWw (ORCPT ); Sun, 22 Oct 2023 14:22:52 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59138 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232403AbjJVSWq (ORCPT ); Sun, 22 Oct 2023 14:22:46 -0400 Received: from smtp-relay-internal-0.canonical.com (smtp-relay-internal-0.canonical.com [185.125.188.122]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 75A05D5D for ; Sun, 22 Oct 2023 11:22:44 -0700 (PDT) Received: from mail-wr1-f70.google.com (mail-wr1-f70.google.com [209.85.221.70]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-0.canonical.com (Postfix) with ESMTPS id 4488E3FA6A for ; Sun, 22 Oct 2023 18:22:43 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1697998963; bh=eYf+t+El9qBlaiw5wPUd9OUTW1C9eNGz0+xZv0WFeT0=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=eoBwSQAV2jc9lvUuO6XuUtM11av8szafNo8pPQIx/9niJJ06BJvUx67ZWWIHUdN5b KReGpTAMppQ0Jymn8IIrI12jPjitKciaaJmEHWPki5FXbTImei0RvZm0RnccooW4zf A7bPrhqSC236gg6E23fi4YiUBnzyreLJ5zKXHlWNkIANrrXGx5nzuYll27oDgk5X96 2N2PZZa/Z7Y9lFW5k+LktnsFZQZIgx4eWHml114KLQKjQ7iN9HB9zEA2KEsBJUzc3n 7AzmdBaIzHYw+UxrrUgWJqOO+pxlDFh0W7SbKrcYpb9PGeTrsBR4UrZdBXusOIxr8L XNH8XgUO6DulQ== Received: by mail-wr1-f70.google.com with SMTP id ffacd0b85a97d-32de95ec119so896842f8f.2 for ; Sun, 22 Oct 2023 11:22:43 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1697998963; x=1698603763; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=eYf+t+El9qBlaiw5wPUd9OUTW1C9eNGz0+xZv0WFeT0=; b=EoJ0cylz+rJ+0wd0mxroJBR6NWj9nXwgHgCuYyHXAGBN0COZUd+UxlhzGrsi/sFZ61 yyf7uy/W5AHEEpfaSX5frpoYoksXw8ECiwaJWPzI3yTO1PfukRNqdg6KFwHWkxtWTlUN rnOpA9v+oE/4x8GfBOZ1YolmVNgCIA8bX0Xo7m4bOuRKOdAdPYmBZrD/4xHnHn5DknZo 64pQMXhQBPLd2FJWDc3aHJO6wkDdj0vi1kiH7Ol5FZJ7YMH7XTA1QKVUbg6lFMbqbMKx nBBCBswV8rAr8S1xRu6fQsqNc/5Jdn6eEzu2n2CVKcRW54Cvf4ZTj0DgSOB82EEIA0v6 Z4Kw== X-Gm-Message-State: AOJu0YxOEnGReF6ZxjRD4YmPd5MBQfG+u/f1B5ihG1tx6MG5zj9WzI2i A3O/QxsnkQSroIIZr6+sLcj7oJnuO0t8U66SKcuvPZcosJiwIQaEh5cZBG497cDDN+e91tyT1R4 FHQ3cKIbzrpq6MSJUqtfBThHDpz1Ufj02P6sp X-Received: by 2002:a05:6000:1183:b0:313:f463:9d40 with SMTP id g3-20020a056000118300b00313f4639d40mr3828254wrx.65.1697998962876; Sun, 22 Oct 2023 11:22:42 -0700 (PDT) X-Google-Smtp-Source: AGHT+IH7qAP+4YfSJntn9JV5vYJgPooPDtZyiLr3U9fc40TZZa0J1KRatDzDmqR1M8L1F9Pg36Jk5w== X-Received: by 2002:a05:6000:1183:b0:313:f463:9d40 with SMTP id g3-20020a056000118300b00313f4639d40mr3828248wrx.65.1697998962650; Sun, 22 Oct 2023 11:22:42 -0700 (PDT) Received: from localhost ([2001:67c:1560:8007::aac:c15c]) by smtp.gmail.com with ESMTPSA id y5-20020adff145000000b0031fd849e797sm6100729wro.105.2023.10.22.11.22.42 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 22 Oct 2023 11:22:42 -0700 (PDT) From: Dimitri John Ledkov To: herbert@gondor.apana.org.au, David Howells , "David S. Miller" Cc: linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, keyrings@vger.kernel.org Subject: [PATCH 4/6] crypto: x509 pkcs7 - allow FIPS 202 SHA-3 signatures Date: Sun, 22 Oct 2023 19:22:06 +0100 Message-Id: <20231022182208.188714-5-dimitri.ledkov@canonical.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20231022182208.188714-1-dimitri.ledkov@canonical.com> References: <20231022182208.188714-1-dimitri.ledkov@canonical.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: keyrings@vger.kernel.org Add FIPS 202 SHA-3 hash signature support in x509 certificates, pkcs7 signatures, and authenticode signatures. Supports hashes of size 256 and up, as 224 is too weak for any practical purposes. Signed-off-by: Dimitri John Ledkov --- crypto/asymmetric_keys/mscode_parser.c | 9 +++++++++ crypto/asymmetric_keys/pkcs7_parser.c | 12 ++++++++++++ crypto/asymmetric_keys/public_key.c | 5 ++++- crypto/asymmetric_keys/x509_cert_parser.c | 24 +++++++++++++++++++++++ 4 files changed, 49 insertions(+), 1 deletion(-) diff --git a/crypto/asymmetric_keys/mscode_parser.c b/crypto/asymmetric_keys/mscode_parser.c index 855cbc46a9..05402ef896 100644 --- a/crypto/asymmetric_keys/mscode_parser.c +++ b/crypto/asymmetric_keys/mscode_parser.c @@ -84,6 +84,15 @@ int mscode_note_digest_algo(void *context, size_t hdrlen, case OID_sha512: ctx->digest_algo = "sha512"; break; + case OID_sha3_256: + ctx->digest_algo = "sha3-256"; + break; + case OID_sha3_384: + ctx->digest_algo = "sha3-384"; + break; + case OID_sha3_512: + ctx->digest_algo = "sha3-512"; + break; case OID__NR: sprint_oid(value, vlen, buffer, sizeof(buffer)); diff --git a/crypto/asymmetric_keys/pkcs7_parser.c b/crypto/asymmetric_keys/pkcs7_parser.c index ab647cb4d7..5b08c50722 100644 --- a/crypto/asymmetric_keys/pkcs7_parser.c +++ b/crypto/asymmetric_keys/pkcs7_parser.c @@ -248,6 +248,15 @@ int pkcs7_sig_note_digest_algo(void *context, size_t hdrlen, case OID_gost2012Digest512: ctx->sinfo->sig->hash_algo = "streebog512"; break; + case OID_sha3_256: + ctx->sinfo->sig->hash_algo = "sha3-256"; + break; + case OID_sha3_384: + ctx->sinfo->sig->hash_algo = "sha3-384"; + break; + case OID_sha3_512: + ctx->sinfo->sig->hash_algo = "sha3-512"; + break; default: printk("Unsupported digest algo: %u\n", ctx->last_oid); return -ENOPKG; @@ -273,6 +282,9 @@ int pkcs7_sig_note_pkey_algo(void *context, size_t hdrlen, case OID_id_ecdsa_with_sha256: case OID_id_ecdsa_with_sha384: case OID_id_ecdsa_with_sha512: + case OID_id_ecdsa_with_sha3_256: + case OID_id_ecdsa_with_sha3_384: + case OID_id_ecdsa_with_sha3_512: ctx->sinfo->sig->pkey_algo = "ecdsa"; ctx->sinfo->sig->encoding = "x962"; break; diff --git a/crypto/asymmetric_keys/public_key.c b/crypto/asymmetric_keys/public_key.c index 5bf0452c17..8eeab38a3d 100644 --- a/crypto/asymmetric_keys/public_key.c +++ b/crypto/asymmetric_keys/public_key.c @@ -119,7 +119,10 @@ software_key_determine_akcipher(const struct public_key *pkey, if (strcmp(hash_algo, "sha224") != 0 && strcmp(hash_algo, "sha256") != 0 && strcmp(hash_algo, "sha384") != 0 && - strcmp(hash_algo, "sha512") != 0) + strcmp(hash_algo, "sha512") != 0 && + strcmp(hash_algo, "sha3-256") != 0 && + strcmp(hash_algo, "sha3-384") != 0 && + strcmp(hash_algo, "sha3-512") != 0) return -EINVAL; } else if (strcmp(pkey->pkey_algo, "sm2") == 0) { if (strcmp(encoding, "raw") != 0) diff --git a/crypto/asymmetric_keys/x509_cert_parser.c b/crypto/asymmetric_keys/x509_cert_parser.c index 68ef1ffbbe..487204d394 100644 --- a/crypto/asymmetric_keys/x509_cert_parser.c +++ b/crypto/asymmetric_keys/x509_cert_parser.c @@ -214,6 +214,18 @@ int x509_note_sig_algo(void *context, size_t hdrlen, unsigned char tag, ctx->cert->sig->hash_algo = "sha224"; goto rsa_pkcs1; + case OID_id_rsassa_pkcs1_v1_5_with_sha3_256: + ctx->cert->sig->hash_algo = "sha3-256"; + goto rsa_pkcs1; + + case OID_id_rsassa_pkcs1_v1_5_with_sha3_384: + ctx->cert->sig->hash_algo = "sha3-384"; + goto rsa_pkcs1; + + case OID_id_rsassa_pkcs1_v1_5_with_sha3_512: + ctx->cert->sig->hash_algo = "sha3-512"; + goto rsa_pkcs1; + case OID_id_ecdsa_with_sha224: ctx->cert->sig->hash_algo = "sha224"; goto ecdsa; @@ -230,6 +242,18 @@ int x509_note_sig_algo(void *context, size_t hdrlen, unsigned char tag, ctx->cert->sig->hash_algo = "sha512"; goto ecdsa; + case OID_id_ecdsa_with_sha3_256: + ctx->cert->sig->hash_algo = "sha3-256"; + goto ecdsa; + + case OID_id_ecdsa_with_sha3_384: + ctx->cert->sig->hash_algo = "sha3-384"; + goto ecdsa; + + case OID_id_ecdsa_with_sha3_512: + ctx->cert->sig->hash_algo = "sha3-512"; + goto ecdsa; + case OID_gost2012Signature256: ctx->cert->sig->hash_algo = "streebog256"; goto ecrdsa;